1 / 19

Network Security (the Internet Security)

Network Security (the Internet Security). Kittiphan Techakittiroj engktc@au.ac.th. Goals of Security. Ensure the only authorized individuals have access to information Preventing unauthorized creation, alteration, or destruction of data

craig
Télécharger la présentation

Network Security (the Internet Security)

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Network Security(the Internet Security) Kittiphan Techakittiroj engktc@au.ac.th

  2. Goals of Security • Ensure the only authorized individuals have access to information • Preventing unauthorized creation, alteration, or destruction of data • Ensuring that legimate users are not denied access to information • Ensuring that resources are used in legitimate way

  3. Classication of Security • Communication security • signal • Computer security • user permission • file sharing access control

  4. Classication of Security Classication of Security (secondary) • Physical security: locks on doors, access badges, biometrics • Personnel security: employee screening • Administrative security: investigation of security breaches, policy • Information/data security: controlling the reporduction of sensitive material • Online security: controlling access to online data

  5. Classication of Security Violation • Cracking • Spoofing • Snooping • Social Engineering • Denial of Service

  6. Classification of Security Violation Cracking • Often called as “Hacking” • Break through the security by using the knowledge of • Software Engineer • Computer Network • Operating System • etc.

  7. Classification of Security Violation: Cracking Cracker • few real crackers (super crackers) • other cracker used • asking expert • public available information (WWW) • protected by • security report • patches, updates and hot fixes

  8. Classification of Security Violation Spoofing • Act as the others, e.g. • fake e-mail: e.g. sending an e-mail by pretending to be other (theoritical can be any name) • fake IP: e.g. to gain accesses to the prohibit area http://www.data.com/roundups/images/vpn_servers_figure1.html

  9. Classification of Security Violation Spoofing • Starting point for other security violation • False information • protected by • digital signature • digital certification

  10. Classification of Security Violation Snooping • Steal information during transmission • Hardware: • Packet Sniffer • usually need access to the physical network • Software: • capture keystroke

  11. Classification of Security Violation Snooping cont. • Other: • Trashing (happened to credit card number) • protected by: • encryption • security access control

  12. Classification of Security Violation Social Engineering • Talking between user and cracker • Serious and Common • protected by: • policy • knowledge of users

  13. Classification of Security Violation Denial of Service • attack the weakness of the network, e.g. • spamming e-mail (mail bomb) • spamming web request • WinNuke • protected by: • hot fixes & patches • firewall • logging system

  14. Benefit of Security • Confidentiality • Authentication (including access control) • Message Digest (including data integrity) • protect unknown modification, e.g. virus • sampling keywords of the information and do the encryption • Non-repudiation: digital signature & certification

  15. Potential Security Risk • Lack of safeguards • poorly configured & administered systems • basic security problems with communication protocol (IP, TCP, UDP) • faulty service program • basic security problem with service programs (WWW, FTP)

  16. General rules for Protection • software current & update • fixed & patch & upgrade • encrypt sensitive information • train user & administrator • password & security • policy • monitoring: 100% monitor --> 100% secure

  17. General rules for Protection Standard Technology on Security • firewall:packet filtering & proxy • Intrusion Detection Systems: Detect the attack before it happens • Network Address Translation: Not design for scurity but generate a high-level of security • encryption • VPN (virtual private network) • digital signature & certification

  18. General rules for Protection Emerging Technology on Security • encryption • SET, S-HTTP, IPSec (IP Security Protocol), SSL or TLS (Transport Layer Security), CDSA (Common Data Security Architecture), XBSS (Baseline Security Services), XDAS (Distribute Audit Service), XSSO (Single Sign On)

  19. Reference Books Developing Secure Commerce Applications by Online O’Reilly Web Development Courses (http://208.233.153.3/oreilly/security/westnet: 1999)

More Related